Iowa Caucus chaos likely to set back mobile voting
While the app used to tally votes could undermine confidence in any future attempts to roll out the technology
5 February 2020 | 0
A coding flaw and lack of sufficient testing of an application to record votes in Monday’s Iowa Democratic Presidential Caucus will likely hurt the advancement and uptake of online voting.
While there have been hundreds of tests of mobile and online voting platforms in recent years – mostly in small municipal or corporate shareholder and university student elections – online voting technology has yet to be tested for widespread use by the general public in a national election.
“This is one of the cases where we narrowly dodged a bullet,” said Jeremy Epstein, vice chair of the Association for Computing Machinery’s US Technology Policy Committee (USTPC). “The Iowa Democratic Party had planned to allow voters to vote in the caucus using their phones; if this sort of meltdown had happened with actual votes, it would have been an actual disaster. In this case, it’s just delayed results and egg on the face of the people who built and purchased the technology.”
The vote tallying app used Monday in the Iowa Caucus was created by a small Washington-based vendor called Shadow Inc.; the app was funded in part by a non-profit progressive digital strategy firm named Acronym. Today, Acronyn strived to make it clear through a tweet it did not supply the technology for the Iowa Caucus, and it is no more than an investor.
Last year, the Iowa Democratic Party (IDP) paid Shadow Inc. more than $60,000 for a website that was to upload caucus results, which it failed to accurately do yesterday. The problem with Shadow’s app was blamed on “a coding error” that has since been fixed, the IDP said in a statement. (Late Tuesday, the IDP released 62% of the tallies, showing Vermont Sen. Bernie Sanders with a narrow lead among caucus-goers and South Bend, Ind. Mayor Pete Buttigieg leading among delegates.)
The IDP said it determined “with certainty” that the underlying data collected using the app is accurate and sound, but was only reported out partially.
“We have every indication that our systems were secure and there was not a cybersecurity intrusion. In preparation for the caucuses, our systems were tested by independent cybersecurity consultants,” Iowa Democratic Party chairman Troy Price said in the statement.
Shadow Inc. apologised for the malfunction in a series of tweets.
The Nevada Democratic Party, which had planned on using Shadow’s app, said in a statement today they are abandoning it.
As the desire to increase voter turnout remains strong and the number of online voting pilot projects grows in the US and abroad, some security experts warn that any internet-based election system is wide open to attack, regardless of the underlying infrastructure.
“It’s yet another nail in the coffin of Internet voting. If a vendor can’t get a relatively simple app like this right, what’re the odds that they can get a much more complicated voting system right?” Epstein said. “Voting systems require accurate identification of voters and maintenance of secret ballots, all while protecting against malware in voters’ phones and attacks against servers – and all this system needed to do was capture a few values and send them to a server, which had to be protected from attacks. I hope that folks who were responsible for selection of this app will learn a lesson.”
Others believe the blowback from the Iowa Caucus debacle will dissipate if “a good app were to surface” and can be used to vote in an effective manner, according Jack Gold, principal analyst for J.Gold Associates.
“I have to believe that this was never tested in a real-world scenario before the use in the caucuses, otherwise they would have known of the flaws in the app,” Gold said. “Was it rushed? Did they not go to a competent app creator? Did they spec the app incorrectly? Did the user interface actually work? There are lots of questions that need to be answered about this.
“Will this have a long-term negative effect? Probably. The publicity around this will put some doubt into the public trust of mobile voting.”
While mobile or online voting applications hold the promise of opening up the polls to absentee voters and making voting more accessible in general, security concerns have been at the forefront of election officials since Russia’s interference in the 2016 presidential contest.
Tusk Philanthropies, a non-profit organisation that promotes mobile voting and has funded past projects enabled by two vendor platforms, reacted to an IDG video about online voting today saying its vendors’ technology has been tested and successfully used in hundreds of elections.
“It’s disappointing to see an election company implement something so haphazardly in such an significant election,” the company said in a statement. “We know how important it is to test out new technology and train officials, which is why our vendors go to such great lengths … to ensure a smooth and successful election. We started this work to increase the number of people who vote in US elections because we think that low voter turnout is the biggest threat to our democracy….
“From what we know, the app used in the IA Democratic Caucuses was brand new, untested and created in secrecy,” Tusk continued. “This couldn’t be in more stark contrast to the eight pilots we have completed transparently, safely and securely.”
Tusk Philanthropies has been a proponent of mobile voting apps from Voatz and Democracy Live, which is currently being used in the election of a board of supervisors in the Seattle area.
Tusk Philanthropies wanted to “make clear” Shadow Inc.’s app is not “indeed a mobile voting option or app.
“There will be lots of calls to go back to paper ballots today, but we cannot forget that paper ballots brought us hanging chads and the Iraq War. Or that unsecure voting machines are also vulnerable to hacking,” a Tusk Philanthropies’ spokesperson said via email. “We need to stop relying on outdated approaches to voting like caucusing in gyms or having people congregate around a bunch of voting machines in a school basement.”
Critics of mobile or online voting, including security experts, believe it opens up the prospect of server penetration attacks, client-device malware, denial-of-service attacks and other disruptions – all associated with infecting voters’ computers with malware or infecting the computers in the elections offices that handle and count ballots.
The problem with online voting is not that it is more or less secure than current polling systems; it is more about public perception and how that may affect turnout, according to Julie Wise, elections director for Seattle’s King County.
“I don’t think they’re ready for it,” Wise said in an interview last week. “Critically important to running elections as an administrator is having voter confidence and trust in the electoral system. There’s understandable concern around election security and hacking of anything on the internet whatsoever.”
Atif Ghauri, cybersecurity practice leader and principal at consulting firm Mazars USA, said the ubiquity of mobile devices has created a massive new frontier for cyber threats to mobile apps from Shadow Inc. and any other mobile app providers.
“The public’s concern is certainly warranted, as mobile apps not only expose software threats, but also location-based threats based on where the device is physically located. Knowing specific GPS coordinates adds another dimension to the attack,” Ghauri said via e-mail. “The use of mobile devices by the less tech-savvy or aware also increases the likelihood of an attack.”
There are strategies mobile voting vendors and public officials can take to alleviate public concerns. First and foremost, Ghauri said, is the use of multi-factor authentication to provide a biometric, such as facial or fingerprint recognition, and a passcode from the user – all of which reduce the possibility of security threats. The use of a blockchain ledger for transactions will help substantially with transaction integrity, Ghauri said.
Voatz’s mobile application uses blockchain as an immutable electronic ledger to record voting results.
In a blog, Voatz said it had never heard of Shadow Inc. or its technology and was quick to distant itself from the Iowa caucus.
“And using an app to tabulate in-person caucus votes is not mobile voting,” the company argued. “Voatz is a mobile elections platform built to ensure an accessible, secure voting method for groups that otherwise face difficulties with the voting options currently available (i.e. overseas citizens, deployed military, and voters with disabilities). We’ve been in the industry for [five] years and have run more than 50 safe and secure elections.”
Voatz said it works with the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency (CISA), and other independent third parties for security testing and infrastructure analysis of its app.
Democracy Live’s OmniBallot web portal does not use blockchain as the basis for collecting and securing electronic ballots. Instead, it uses Amazon Web Services’ (AWS) Object Lock, which is NIST compliant and has FedRamp certification, a government program that provides a standardised approach to security assessment, authorisation and continuous monitoring for cloud services.
The OmniBallot portal has been deployed in more than 1,000 elections across the US and used by 15 million voters in hundreds of jurisdictions since 2008, according to the company.
“The bottom line is, if you are going to deploy a mission-critical mobile app, especially one with this public visibility, you better test the heck out of it and make sure it works as expected, and under full load (not just on someone’s smartphone in the office),” Gold said.
IDG News Service